Classified Universe Still Expanding
Judging by the number of documents being withheld from the public
on asserted
national security grounds, the Clinton Administration is the most
secretive
Presidency in the history of the Republic.
Five years after the nominal end of the Cold War, the volume of classified documents has now become larger than ever. According to the latest annual report of the Information Security Oversight Office, classification activity actually increased by 1% in fiscal year 1993 to 6.4 million classification actions. At the same time, declassification activity decreased by 30%, for a substantial net growth in the universe of classified files.
"The data that we report here continue to support the need for reform," ISOO Director Steven Garfinkel delicately stated in his letter of transmittal to the President. The production of additional pages of classified information "far exceeds the number that are declassified under the current system.... This trend will not change unless we adopt entirely new methods of classifying and declassifying information," Garfinkel wrote.
According to Jeanne Schauble of the National Archives, the volume of classified documents at the Archives alone has more than doubled over the past decade to around 325 million pages (NCMS Bulletin, March-April 1994, p.5). Almost all of these are more than 30 years old. "By failing to adequately address the issue of declassification of these records, we not only incur unnecessary cost, we bring the credibility of the security classification system into question," Schauble noted.
The Administration's latest draft executive order on classification has much to recommend it (S&GB 34). If properly implemented, it would ameliorate the worst defects of today's cold war classification system. But that draft is reportedly encountering resistance from the intelligence community and other opponents of reform. And by all accounts, the deliberative process is taking longer than anyone had predicted.
"I had hoped the new executive order on classification would be completed by now," White House staff secretary John Podesta said May 18 at a National Press Club symposium. He estimated that the order might be issued "in 45 days."
A copy of the new ISOO annual report may be requested from the Information Security Oversight Office, 750 17th Street NW, Suite 530, Washington, DC 20006.
Classification Costs (Under-) Reported
Executive branch agencies estimated that the total cost of
national security classification-related activities in FY 1994 is
$2.271 billion, according to an April 13 report to Congress. The
cost accounting was required in language authored by Rep. David
Skaggs in several appropriations bills last year. The estimate
was
first reported by R. Jeffrey Smith in a startling front-page story
in the Washington Post on May 15.
While the official estimate is certainly a sizable amount of money, the actual classification-related costs are at least several times higher. There are two significant omissions in the $2.2 billion "total": classification costs for intelligence programs were not included, nor were Defense Department contractor costs for handling classified government information.
The 1994 intelligence authorization report explicitly stated that classification cost estimates for intelligence programs were "to be provided in both classified and unclassified forms" (H.Rep. 103-162, pt.1, pp. 26-27). But the intelligence agencies ignored this instruction and provided only a separate classified estimate. Rep. Skaggs and House Intelligence Chairman Dan Glickman sent an April 19 letter to DCI Woolsey expressing "strong disappointment" at the intelligence community's non-compliance.
"We do not consider the... response to be adequate and, worse, it appears that there has not been significant progress over the last year within the intelligence community to develop a methodology to capture the costs of security and classification within the National Foreign Intelligence Program," Glickman and Skaggs wrote. To date, no reply has been forthcoming.
DOD contractor costs for securing classified information, which are reimbursed by the government, represent another tremendous sum not included in the reported "total." There is no solid consensus on exactly how to calculate these costs, but a crude National Industrial Security Program estimate in a 1990 report to the President put the total at an incredible $13.8 billion for a single year. Allowing for these contractor costs, the May 15 Post article plausibly estimated a total of more than $16 billion per year for classification-related security expenditures.
A copy of the report to Congress is available from S&GB for $5 to cover postage and duplication.
Mandating Declassification
Each of the major intelligence agencies would be required to
spend a fraction of its security budget for document
declassification, according to a provision in the House version of
the FY 1995 Intelligence Authorization Act (HR 4299, section 701).
The requirement was drafted by the all-too-extraordinary Rep.
David
Skaggs as a logical follow-on measure to last year~s requirement
for a reporting of security costs.
Each agency of the National Foreign Intelligence Program which receives more than $1 million for security would be required to spend at least two percent of its security budget for declassification and related activities. Thus, without appropriating new money, these agencies would be compelled to assign at least a modicum of effort to tackling the declassification task they have largely neglected until now.
The Senate version of the bill contains no comparable provision. And neither version of the bill contains a requirement for disclosure of the aggregate i ntelligence budget. The Senate Intelligence Committee never even fulfilled its declared intent to hold hearings on the subject. The Senate markup, however, would put the 1995 budget for national and tactical intelligence programs at $27.7 billion. (Wash Post, 5/10/94, p. A7).
NISP Implodes
The National Industrial Security Program (NISP) will fail to
meet its June 30 deadline for preparing new government-wide
standards for protection of classified information held by
government contractors. ~There is a perception-- and it is a
valid
one-- that the NISP is foundering,~ said ISOO Director Steve
Garfinkel at a May 16 meeting of the American Society for
Industrial Security.
NISP was conceived in 1987 and has been laboring since then to develop ~a single, integrated, cohesive industrial security program to protect classified information.~ The idea was that it would replace the absurd multiplicity of overlapping and conflicting standards that industry must comply with at great expense. But because of failure to reach closure on a number of outstanding issues, the program will not be able to comply with the June 30 deadline that was set by executive order 12885. That order was issued to extend the original January 1994 deadline.
In an April 20 memorandum (available from S&GB), representatives of DOD, CIA, DOE and NRC complained that they were unable to assimilate the comments they had received on the draft NISP manual and would need more time.
"Many of the comments received either are irreconcilable or exacerbate the nonuniformity of the standards.... It is simply not possible for the Coordination Team, using the comments received, to resolve the differences between the protagonists and produce a document with any realistic chance of concurrence by all agencies and publication by June 30, 1994," the memorandum stated.
Among other things, the decline of the NISP provides a painful lesson about the inadequacy of consensus as a decision making technique. Program officials must now choose between violating the executive order or proceeding to publish a defective and incomplete security manual.
DIS Achieves Enlightenment
It is widely held that the Defense Investigative Service (DIS)
serves the Dark
Side of the Force. Among its other duties, DIS is responsible for
enforcing
the often mindless and arbitrary guidelines for protecting
classified information in industry, and punishing the violators.
As such, it is the embodiment of
some of the worst features of a secrecy system run amok.
What a surprise, then, to find that DIS is unilaterally adopting some of the most innovative security policy reforms in government. If the National Performance Review (reinventing government) was only meant to be a public relations strategy or a media stunt, somebody forgot to notify this defense agency. While everyone else is busy formulating bootless "recommendations," DIS, under the leadership of Director Jack Donnelly, is actually reforming the way it does business.
At a May 16 presentation to the American Society for Industrial Security, DIS Deputy Director Greg Gwash reported that DIS inspectors around the country are already being trained to shift from what he termed a punitive, compliance-oriented approach to a more service-oriented system. To a new extent, inspectors are being authorized to use common sense and to work together with industry to achieve performance goals rather than enforcing a rigid, predetermined set of security specifications. Significantly, this does not involve new expenditures. DIS is already working with a declining budget and workforce.
For the mid- to long-term, DIS has begun preparing what Donnelly calls an "experimental" NISPOM (NISP Operating Manual) that would incorporate the flexible, performance-based approach. Gwash pointed out that the original 1951 Industrial Security Manual (ISM) was only 14 pages long. The current 1991 ISM is about 400 pages and the latest draft NISP operating manual with supplements is even longer. But DIS has figured out that beyond a certain point, more rules only guarantee more violations, not better security.
It is too early to tell if any of this will succeed. What is refreshing, however, is the attempt to do something new, not just to talk about it.
Intercepting the NSA
But who will monitor the monitors? A new answer to Juvenal's
age-old question is suggested by Glenn Campbell, genius loci of
Groom Lake, site of America's most popular secret military base
(S&GB 26).
On a recent trip to the East Coast, Mr. Campbell paid a visit to the fence surrounding the site of the National Security Agency at Fort Meade, MD, where he characteristically stopped to snap a photograph of a sign saying "photography is prohibited." With wonderful efficiency, an NSA security patrol swooped down on him, confiscated his camera, and demanded his ID. But as they radioed in to their headquarters, Campbell used the frequency scanner in his car to identify the frequency they were using. In effect, as the security forces were monitoring him, he was also monitoring them. "The security patrols broadcast on 408.35 megahertz and, as might be expected from America's coding agency, the transmission was encrypted," reports Campbell.
This and other thrilling adventures are related in Campbell's newsletter The Groom Lake Desert Rat. Free internet subscriptions may be obtained by sending an email message to psychoserv@aol.com. Hardcopy subscriptions are available at $1.50 per issue from HCR Box 38, Rachel, Nevada 89001.
Because the government secrecy system has failed so far to adapt to post-cold war realities, many citizens have already stopped waiting for someone to fix it. With often remarkable sophistication, they are simply taking the information they need or want.
For aspiring citizen practitioners of signals intelligence, a new book provides "the top 100 military shortwave frequencies." "The Comprehensive Guide to Military Monitoring" by Steve Douglass also provides VHF and UHF frequencies for all military services and virtually all military facilities around the country. It is available for $23.95 from Universal Electronics Inc in Columbus, Ohio (tel. 614-866-4605). Douglass also publishes a newsletter called Intercepts, which provides updated information monthly. It is available for $18 per year from P.O. Box 7176, Amarillo, Texas 79114.